Trust & Safety

Stato is designed for safe expertise sharing. No cloud, no telemetry, no surprises.


Privacy by Default

The privacy scanner runs automatically before every snapshot export. 19 regex patterns across 6 categories detect API keys, AWS credentials, database URLs, home directory paths, internal IPs, email addresses, patient IDs, and more.

  • Interactive review gate: sanitize, review, force, or cancel
  • Sanitize-on-export: placeholders replace secrets (originals untouched)
  • .statoignore for suppressing false positives
  • Bioinformatics-specific patterns (patient IDs, MRN, SSN)
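
A minimal scanner of the kind this section describes, written here as an added example and not Stato's own code: a handful of constructed regex categories, a `.statoignore`-style allowlist of literals to suppress, and sanitize-on-export that returns a redacted copy while leaving the original text untouched. The pattern set, the `<REDACTED:category>` placeholder format and the sample module are assumptions; Stato's 19 real patterns are not reproduced.

```python
import re
from dataclasses import dataclass
# Constructed pattern set for illustration; it does not reproduce Stato's own 19 patterns.
PATTERNS = {  # order matters: a URL claims its span before the IP/credential inside it
    "database_url": re.compile(r"\b(?:postgresql|postgres|mysql)://[^\s'\"]+"),
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "internal_ip": re.compile(r"\b(?:10\.\d{1,3}|192\.168|172\.(?:1[6-9]|2\d|3[01]))\.\d{1,3}\.\d{1,3}\b"),
    "home_path": re.compile(r"/(?:home|Users)/[A-Za-z0-9._-]+"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
}
@dataclass(frozen=True)
class Finding:
    category: str
    line: int    # 1-based line number
    start: int   # column span of the match within that line
    end: int
    match: str
def load_ignore(text: str) -> frozenset[str]:
    """Parse a .statoignore-style allowlist: one literal per line, '#' starts a comment."""
    return frozenset(s for s in map(str.strip, text.splitlines()) if s and not s.startswith("#"))
def scan(source: str, ignore: frozenset[str] = frozenset()) -> list[Finding]:
    """Report each match not on the ignore list, skipping spans already claimed by an earlier category."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        taken = []  # spans on this line already attributed to a category
        for category, pattern in PATTERNS.items():
            for m in pattern.finditer(line):
                if m.group(0) in ignore or any(s <= m.start() < e for s, e in taken):
                    continue
                taken.append(m.span())
                findings.append(Finding(category, lineno, m.start(), m.end(), m.group(0)))
    return findings
def sanitize(source: str, ignore: frozenset[str] = frozenset()) -> str:
    """Return a copy with every finding replaced by a placeholder; the original text is untouched."""
    lines = source.splitlines(keepends=True)
    # Right-to-left within a line so earlier offsets stay valid after each replacement.
    for f in sorted(scan(source, ignore), key=lambda f: (f.line, -f.start)):
        ln = lines[f.line - 1]
        lines[f.line - 1] = ln[:f.start] + f"<REDACTED:{f.category}>" + ln[f.end:]
    return "".join(lines)
# Constructed sample module standing in for a file about to be exported.
SAMPLE = """\
AWS_KEY = "AKIAIOSFODNN7EXAMPLE"
DB_URL = "postgres://svc:hunter2@10.20.30.40:5432/cohort"
DATA_DIR = "/home/alice/projects/stato"
CONTACT = "alice@example.org"
PUBLIC_HOST = "203.0.113.7"  # not RFC 1918 space, so it must not be flagged
"""
```

Running `scan(SAMPLE)` yields one finding per secret-bearing line, and `sanitize(SAMPLE, load_ignore("alice@example.org"))` redacts everything except the allowlisted address.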

Validated State

Every module passes through a 7-pass compiler before it reaches disk. The validate-then-write invariant ensures no invalid state accumulates. Hard errors block writes entirely.

  • 10 error codes catch syntax, structure, type, and semantic issues
  • 6 auto-corrections fix common problems silently
  • Automatic backup on every write (.history/ directory)
  • Rollback to any previous version

File-Based, Zero Infrastructure

Stato has no database, no server, no cloud dependency, and no network calls. Everything is Python files in .stato/, zip archives, and TOML manifests. It works offline and in air-gapped environments.

  • No external services or accounts required
  • No daemon processes or background jobs
  • Archives are standard zip files (inspectable with any tool)
  • Manifests are human-readable TOML

Fully Open Source

MIT license. No telemetry. No analytics. No phone-home. The entire codebase is auditable. Dependencies are minimal and well-known.

  • 4 dependencies: click, rich, tomli, tomli-w
  • 75 structural tests, all free to run
  • Bundle parser uses ast.parse (no exec on untrusted files)
  • Source at github.com/genecell/stato